Return-Path: Delivered-To: apmail-ant-ivy-user-archive@www.apache.org Received: (qmail 10469 invoked from network); 24 Apr 2008 20:08:50 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 24 Apr 2008 20:08:50 -0000 Received: (qmail 27605 invoked by uid 500); 24 Apr 2008 20:08:51 -0000 Delivered-To: apmail-ant-ivy-user-archive@ant.apache.org Received: (qmail 27592 invoked by uid 500); 24 Apr 2008 20:08:51 -0000 Mailing-List: contact ivy-user-help@ant.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: ivy-user@ant.apache.org Delivered-To: mailing list ivy-user@ant.apache.org Received: (qmail 27581 invoked by uid 99); 24 Apr 2008 20:08:51 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 24 Apr 2008 13:08:51 -0700 X-ASF-Spam-Status: No, hits=-2.0 required=10.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_MED,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of Shawn.Castrianni@halliburton.com designates 34.254.16.16 as permitted sender) Received: from [34.254.16.16] (HELO HOUMAIL004.halliburton.com) (34.254.16.16) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 24 Apr 2008 20:07:56 +0000 Received: from HOUEXHU010.corp.halliburton.com (houexhu010.corp.halliburton.com [34.224.232.94]) by HOUMAIL004.halliburton.com (8.13.8/8.13.8) with ESMTP id m3OK5Nls018934 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT) for ; Thu, 24 Apr 2008 15:08:10 -0500 Received: from HOUEXCH012.corp.halliburton.com ([34.224.232.93]) by HOUEXHU010.corp.halliburton.com ([34.224.232.94]) with mapi; Thu, 24 Apr 2008 15:05:25 -0500 From: Shawn Castrianni To: "'ivy-user@ant.apache.org'" Date: Thu, 24 Apr 2008 15:05:25 -0500 Subject: secure dependency artifacts Thread-Topic: secure dependency artifacts Thread-Index: AcimRoiIY3dQX/XOQLexIDNP1lB9gg== Message-ID: <745B9EDF57802349B13F90E4E0B4B86C3BA402BB48@HOUEXCH012.corp.halliburton.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: multipart/alternative; boundary="_000_745B9EDF57802349B13F90E4E0B4B86C3BA402BB48HOUEXCH012cor_" MIME-Version: 1.0 X-HALSTAMP: TRUE X-Proofpoint-Virus-Version: vendor=fsecure engine=4.65.7111:2.4.4,1.2.40,4.0.164 definitions=2008-04-24_07:2008-04-24,2008-04-24,2008-04-24 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx engine=3.1.0-0804140000 definitions=main-0804240156 X-Virus-Checked: Checked by ClamAV on apache.org --_000_745B9EDF57802349B13F90E4E0B4B86C3BA402BB48HOUEXCH012cor_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Currently we have an ivy repository that is within our corporate firewall o= n a shared Netapp storage device. It is constantly being added to as each = continuous build publishes its latest version. In the past as part of the = ANT build, we would zip up the source code used to produce each build and p= ublish it as an artifact along with the build. This is useful for when dev= elopers working on modules high up in the dependency chain need to debug do= wn to a dependent module inside their IDE. Having the source zip files giv= es them the source code to debug into. This is working great, but here comes a new corporate policy. We have to i= ncrease the security of our source code and closely monitor who has access = to what. We do this with our SVN server, but by publishing the source.zip = on a shared netapp storage device, anybody can go to the network share and = browse into these source zip files. This essentially gives everybody acces= s to all source code. So my question is if there is a way to have secured dependency artifacts? = Can we have all artifacts be readable but then have the source.zip require = a username and password before it downloads with a resolve/retrieve? Even = if this were possible, we would still need to keep the shared netapp storag= e device readable by everybody so that they could successfully download dep= endencies other than the source zip files. Any ideas? Perhaps use the svnivy plugin and store our repository artifact= s inside SVN which has authentication options to protect against what is ac= cessible?? --- Shawn Castrianni ---------------------------------------------------------------------- This e-mail, including any attached files, may contain confidential and pri= vileged information for the sole use of the intended recipient. Any review= , use, distribution, or disclosure by others is strictly prohibited. If yo= u are not the intended recipient (or authorized to receive information for = the intended recipient), please contact the sender by reply e-mail and dele= te all copies of this message. --_000_745B9EDF57802349B13F90E4E0B4B86C3BA402BB48HOUEXCH012cor_--